Break-glass Access (Emergency) Authentication

In critical situations, Equinix offers this feature to ensure you have account access without compromising security. This feature is available to federated customers. An emergency authentication method (in case SSO login is compromised) will be made available to users to log into Equinix.

Set up Break-glass Access

  1. Log in to an Equinix portal, as a federated customer with Administrator access.

  2. From the Administration menu, choose Account and Security Management.

    Note: The Administration menu is visible only to Administrators.

  3. Click on Federated Single Sign-On. Federation details screen will be displayed. Alternatively, you can access via https://federation.equinix.com/.

  4. Select the Break-glass Access tab. This will be available if you have successfully setup federated connection, and login via federated authentication.

  5. Input up to 10 emails for emergency use. An email message will be sent to these users to inform them that they are designated Break-glass Access users. It will also prompt them to create passwords for Break-glass Access.

    Note: Emails must belong to existing Equinix users. Email link will expire after a week.

  6. Click on Create Password in the email.

    Password requirements:

    • Must be at least 26 characters long

    • Must contain at least 3 of the following:

      • one lower-case letter (from a-z)

      • one upper-case letter (from A-Z)

      • one numeral (from 0-9)

      • one special character (e.g. ! @ # $ % ^ & * )

    • Must not include spaces

    • Must not contain two identical characters consecutively

    Note: This feature is meant for use only in emergencies when SSO login is not working. The password will be valid for 72 hours from the first login (unlimited logins during such time).

  7. You can define email addresses who will be notified when Break-glass Access is used.

  8. Click on Resend Link to resend the Create Password email to the user. This is for cases where the password has expired, or the user failed to create a password before the expiration of the first email.

  9. Click on Revoke Access to remove access from the user. An email will be sent to the user to inform them that their Break-glass Access has been revoked.

Accessing Equinix via Break-glass Access

During critical situations where SSO login is not working, you can log into Equinix portal if you are a designated Break-glass Access user.

  1. After creating your password for Break-glass Access, the following email will be sent to you with links to access Equinix. Click on the links to access Equinix Customer Portal or Metal portal.

  2. Use your email address and password associated with Break-glass Access to log in.

How do you know if you have Break-glass access?

You can find out if you have Break-glass access from your User Account. If you were enabled for Break-glass Access, you would have received an email informing you.

  1. Log in to an Equinix portal.

  2. Click your user name and select User Account.

  3. From the left menu, select Authentication and Security.

  4. If you have Break-glass Access, you will see the following screen.